How Microsoft is using hardware to secure firmware - Virtual Intelligence Briefing

How Microsoft is using hardware to secure firmware

Since Windows 8 and Server 2012, Windows has used UEFI to check the signatures on the boot drivers, firmware drivers and the OS itself to make sure the code hasn’t been tampered with (for example by a rootkit), and then launched any installed anti-malware software before launching any other code.

If you have a TPM, Windows can use it to store measurements of the boot components to pass to the anti-malware software so it knows those components were checked. Windows 10 can also use Hyper-V to protect the Windows logon process from malware (Virtualisation Based Security), although that’s something you have to turn on yourself on all but the latest Arm-based PCs.

To read the entire article, please click on https://www.techrepublic.com/article/how-microsoft-is-using-hardware-to-secure-firmware/